Cross Site Scripting vulnerability in My Food Recipe Using PHP with Source Code v.1.0 allows a local malicious user to execute arbitrary code via a crafted payload to the Recipe Name, Procedure, and ingredients parameters.